diff options
Diffstat (limited to 'src/system')
| -rw-r--r-- | src/system/contest.php | 214 | ||||
| -rw-r--r-- | src/system/header.php | 63 | ||||
| -rw-r--r-- | src/system/importxml.php | 245 | ||||
| -rw-r--r-- | src/system/index.php | 22 | ||||
| -rw-r--r-- | src/system/option.php | 21 |
5 files changed, 565 insertions, 0 deletions
diff --git a/src/system/contest.php b/src/system/contest.php new file mode 100644 index 0000000..2d4d788 --- /dev/null +++ b/src/system/contest.php @@ -0,0 +1,214 @@ +<?php +//////////////////////////////////////////////////////////////////////////////// +//BOCA Online Contest Administrator +// Copyright (C) 2003-2012 by BOCA Development Team (bocasystem@gmail.com) +// +// This program is free software: you can redistribute it and/or modify +// it under the terms of the GNU General Public License as published by +// the Free Software Foundation, either version 3 of the License, or +// (at your option) any later version. +// +// This program is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU General Public License for more details. +// You should have received a copy of the GNU General Public License +// along with this program. If not, see <http://www.gnu.org/licenses/>. +//////////////////////////////////////////////////////////////////////////////// +// Last modified 05/aug/2012 by cassio@ime.usp.br +//Change list: +// 02/jul/2006 by cassio@ime.usp.br +// 25/aug/2007 by cassio@ime.usp.br: php initial tag changed to complete form + +require 'header.php'; + +if (isset($_GET["new"]) && $_GET["new"]=="1") { + $n = DBNewContest(); + ForceLoad("contest.php?contest=$n"); +} + +if (isset($_GET["contest"]) && is_numeric($_GET["contest"])) + $contest=$_GET["contest"]; +else + $contest=$_SESSION["usertable"]["contestnumber"]; + +if(($ct = DBContestInfo($contest)) == null) + ForceLoad("../index.php"); +if ($ct["contestlocalsite"]==$ct["contestmainsite"]) $main=true; else $main=false; + +if (isset($_POST["Submit3"]) && isset($_POST["penalty"]) && is_numeric($_POST["penalty"]) && + isset($_POST["maxfilesize"]) && isset($_POST["mainsite"]) && isset($_POST['localsite']) && + isset($_POST["name"]) && $_POST["name"] != "" && isset($_POST["lastmileanswer"]) && + is_numeric($_POST["lastmileanswer"]) && is_numeric($_POST["mainsite"]) && is_numeric($_POST['localsite']) && + isset($_POST["lastmilescore"]) && is_numeric($_POST["lastmilescore"]) && isset($_POST["duration"]) && + is_numeric($_POST["duration"]) && + isset($_POST["startdateh"]) && $_POST["startdateh"] >= 0 && $_POST["startdateh"] <= 23 && + isset($_POST["contest"]) && is_numeric($_POST["contest"]) && + isset($_POST["startdatemin"]) && $_POST["startdatemin"] >= 0 && $_POST["startdatemin"] <= 59 && + isset($_POST["startdated"]) && isset($_POST["startdatem"]) && isset($_POST["startdatey"]) && + checkdate($_POST["startdatem"], $_POST["startdated"], $_POST["startdatey"])) { + if ($_POST["confirmation"] == "confirm") { + $t = mktime ($_POST["startdateh"], $_POST["startdatemin"], 0, $_POST["startdatem"], + $_POST["startdated"], $_POST["startdatey"]); + if ($_POST["Submit3"] == "Activate") $ac=1; + else $ac=0; + $param['number']=$_POST["contest"]; + $param['name']=$_POST["name"]; + $param['startdate']=$t; + $param['duration']=$_POST["duration"]*60; + $param['lastmileanswer']=$_POST["lastmileanswer"]*60; + $param['lastmilescore']= $_POST["lastmilescore"]*60; + $param['penalty']=$_POST["penalty"]*60; + $param['maxfilesize']=$_POST["maxfilesize"]*1000; + $param['active']=$ac; + $param['mainsite']=$_POST["mainsite"]; + $param['localsite']=$_POST["localsite"]; + $param['mainsiteurl']=$_POST["mainsiteurl"]; + + DBUpdateContest ($param); + if ($ac == 1 && $_POST["contest"] != $_SESSION["usertable"]["contestnumber"]) { + $cf = globalconf(); + if($cf["basepass"] == "") + MSGError("You must log in the new contest. The standard admin password is empty (if not changed yet)."); + else + MSGError("You must log in the new contest. The standard admin password is " . $cf["basepass"] . " (if not changed yet)."); + + ForceLoad("../index.php"); + } + } + ForceLoad("contest.php?contest=".$_POST["contest"]); +} +?> +<br> + +<form name="form1" enctype="multipart/form-data" method="post" action="contest.php"> + <input type=hidden name="confirmation" value="noconfirm" /> + <script language="javascript"> + function conf() { + if (confirm("Confirm?")) { + document.form1.confirmation.value='confirm'; + } + } + function newcontest() { + document.location='contest.php?new=1'; + } + function contestch(n) { + if(n==null) { + k=document.form1.contest[document.form1.contest.selectedIndex].value; + if(k=='new') newcontest(); + else document.location='contest.php?contest='+k; + } else { + document.location='contest.php?contest='+n; + } + } + </script> + <br><br> + <center> + <table border="0"> + <tr> + <td width="35%" align=right>Contest number:</td> + <td width="65%"> +<select onChange="contestch()" name="contest"> +<?php +$cs = DBAllContestInfo(); +$isfake=false; +for ($i=0; $i<count($cs); $i++) { + echo "<option value=\"" . $cs[$i]["contestnumber"] . "\" "; + if ($contest == $cs[$i]["contestnumber"]) { + echo "selected"; + if($cs[$i]["contestnumber"] == 0) $isfake=true; + } + echo ">" . $cs[$i]["contestnumber"] . ($cs[$i]["contestactive"]=="t"?"*":"") ."</option>\n"; +} +?> +<option value="new">new</option> +</select> + </td> + </tr> + <?php if(!$isfake) { ?> + <tr> + <td width="35%" align=right>Name:</td> + <td width="65%"> + <input type="text" <?php if(!$main) echo "readonly"; ?> name="name" value="<?php echo $ct["contestname"]; ?>" size="50" maxlength="50" /> + </td> + </tr> + <tr> + <td width="35%" align=right>Start date:</td> + <td width="65%"> hh:mm + <input type="text" <?php if(!$main) echo "readonly"; ?> name="startdateh" value="<?php echo date("H", $ct["conteststartdate"]); ?>" size="2" maxlength="2" /> + : + <input type="text" <?php if(!$main) echo "readonly"; ?> name="startdatemin" value="<?php echo date("i", $ct["conteststartdate"]); ?>" size="2" maxlength="2" /> + dd/mm/yyyy + <input type="text" <?php if(!$main) echo "readonly"; ?> name="startdated" value="<?php echo date("d", $ct["conteststartdate"]); ?>" size="2" maxlength="2" /> + / + <input type="text" <?php if(!$main) echo "readonly"; ?> name="startdatem" value="<?php echo date("m", $ct["conteststartdate"]); ?>" size="2" maxlength="2" /> + / + <input type="text" <?php if(!$main) echo "readonly"; ?> name="startdatey" value="<?php echo date("Y", $ct["conteststartdate"]); ?>" size="4" maxlength="4" /> + </td> + </tr> + <tr> + <td width="35%" align=right>Duration (in minutes):</td> + <td width="65%"> + <input type="text" name="duration" <?php if(!$main) echo "readonly"; ?> value="<?php echo $ct["contestduration"]/60; ?>" size="20" maxlength="20" /> + </td> + </tr> + <tr> + <td width="35%" align=right>Stop answering (in minutes):</td> + <td width="65%"> + <input type="text" name="lastmileanswer" <?php if(!$main) echo "readonly"; ?> value="<?php echo $ct["contestlastmileanswer"]/60; ?>" size="20" maxlength="20" /> + </td> + </tr> + <tr> + <td width="35%" align=right>Stop scoreboard (in minutes):</td> + <td width="65%"> + <input type="text" name="lastmilescore" <?php if(!$main) echo "readonly"; ?> value="<?php echo $ct["contestlastmilescore"]/60; ?>" size="20" maxlength="20" /> + </td> + </tr> + <tr> + <td width="35%" align=right>Penalty (in minutes):</td> + <td width="65%"> + <input type="text" name="penalty" <?php if(!$main) echo "readonly"; ?> value="<?php echo $ct["contestpenalty"]/60; ?>" size="20" maxlength="20" /> + </td> + </tr> + <tr> + <td width="35%" align=right>Max file size allowed for teams (in KB):</td> + <td width="65%"> + <input type="text" name="maxfilesize" <?php if(!$main) echo "readonly"; ?> + value="<?php echo $ct["contestmaxfilesize"]/1000; ?>" size="20" maxlength="20" /> + </td> + </tr> + <tr><td width="35%" align=right> + Your PHP config. allows at most:</td> + <td width="65%"> + <?php echo ini_get('post_max_size').'B(max. post) and '.ini_get('upload_max_filesize').'B(max. filesize)'; ?> + </td></tr> + <tr> + <td width="35%" align=right>Contest main site URL (IP/bocafolder):</td> + <td width="65%"> + <input type="text" name="mainsiteurl" value="<?php echo $ct["contestmainsiteurl"]; ?>" size="40" maxlength="200" /> + </td> + </tr> + <tr> + <td width="35%" align=right>Contest main site number:</td> + <td width="65%"> + <input type="text" name="mainsite" value="<?php echo $ct["contestmainsite"]; ?>" size="4" maxlength="4" /> + </td> + </tr> + <tr> + <td width="35%" align=right>Contest local site number:</td> + <td width="65%"> + <input type="text" name="localsite" value="<?php echo $ct["contestlocalsite"]; ?>" size="4" maxlength="4" /> + </td> + </tr> + </table> + </center> + <center> + <input type="submit" name="Submit3" value="Send" onClick="conf()"> + <input type="submit" name="Submit3" value="Activate" onClick="conf()"> + <input type="reset" name="Submit4" value="Clear"> + </center> + <?php } else { echo "<br><br><center>Select a contest or create a new one.</center><br><br>"; } ?> +</form> + +</body> +</html> diff --git a/src/system/header.php b/src/system/header.php new file mode 100644 index 0000000..75d0fca --- /dev/null +++ b/src/system/header.php @@ -0,0 +1,63 @@ +<?php +//////////////////////////////////////////////////////////////////////////////// +//BOCA Online Contest Administrator +// Copyright (C) 2003-2012 by BOCA Development Team (bocasystem@gmail.com) +// +// This program is free software: you can redistribute it and/or modify +// it under the terms of the GNU General Public License as published by +// the Free Software Foundation, either version 3 of the License, or +// (at your option) any later version. +// +// This program is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU General Public License for more details. +// You should have received a copy of the GNU General Public License +// along with this program. If not, see <http://www.gnu.org/licenses/>. +//////////////////////////////////////////////////////////////////////////////// +// Last modified 05/aug/2012 by cassio@ime.usp.br +ob_start(); +header ("Expires: " . gmdate("D, d M Y H:i:s") . " GMT"); +header ("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT"); +header ("Cache-Control: no-cache, must-revalidate"); +header ("Pragma: no-cache"); +header ("Content-Type: text/html; charset=utf-8"); +session_start(); +ob_end_flush(); +require_once('../version.php'); + +require_once("../globals.php"); +require_once("../db.php"); + +echo "<html><head><title>System's Page</title>\n"; +echo "<meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\">\n"; +echo "<link rel=stylesheet href=\"../Css.php\" type=\"text/css\">\n"; + +//echo "<meta http-equiv=\"refresh\" content=\"60\" />"; +if(!ValidSession()) { + InvalidSession("system/index.php"); + ForceLoad("../index.php"); +} +if($_SESSION["usertable"]["usertype"] != "system") { + IntrusionNotify("system/index.php"); + ForceLoad("../index.php"); +} + +echo "</head><body><table border=1 width=\"100%\">\n"; +echo "<tr><td nowrap bgcolor=\"eeee00\" align=center>"; +echo "<img src=\"../images/smallballoontransp.png\" alt=\"\">"; +echo "<font color=\"#000000\">BOCA</font>"; +echo "</td><td bgcolor=\"#eeee00\" width=\"99%\">\n"; +echo "Username: " . $_SESSION["usertable"]["userfullname"] ."<br>\n"; +list($clockstr,$clocktype)=siteclock(); +echo "</td><td bgcolor=\"#eeee00\" align=center nowrap> ".$clockstr." </td></tr>\n"; +echo "</table>\n"; +echo "<table border=0 width=\"100%\" align=center>\n"; +echo " <tr>\n"; +echo " <td align=center><a class=menu style=\"font-weight:bold\" href=contest.php>Contest</a></td>\n"; +echo " <td align=center><a class=menu style=\"font-weight:bold\" href=importxml.php>Import</a></td>\n"; +echo " <td align=center><a class=menu style=\"font-weight:bold\" href=option.php>Options</a></td>\n"; +echo " <td align=center><a class=menu style=\"font-weight:bold\" href=../index.php>Logout</a></td>\n"; +echo " </tr>\n"; +echo "</table>\n"; +?> diff --git a/src/system/importxml.php b/src/system/importxml.php new file mode 100644 index 0000000..5fcaef3 --- /dev/null +++ b/src/system/importxml.php @@ -0,0 +1,245 @@ +<?php +//////////////////////////////////////////////////////////////////////////////// +//BOCA Online Contest Administrator +// Copyright (C) 2003-2012 by BOCA Development Team (bocasystem@gmail.com) +// +// This program is free software: you can redistribute it and/or modify +// it under the terms of the GNU General Public License as published by +// the Free Software Foundation, either version 3 of the License, or +// (at your option) any later version. +// +// This program is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU General Public License for more details. +// You should have received a copy of the GNU General Public License +// along with this program. If not, see <http://www.gnu.org/licenses/>. +//////////////////////////////////////////////////////////////////////////////// +// Last modified 05/aug/2012 by cassio@ime.usp.br +//Change list +// 15/June/2011 by cassio@ime.usp.br: created based on import.php + +require('header.php'); +$id = ''; + +if(isset($_POST["Submit"])) { + if(isset($_SESSION["importfile"])) { + $importfile = $_SESSION['importfile']; + } + if (isset($_FILES["importfile"]) && $_FILES["importfile"]["name"]!="") { + $importfile = $_FILES["importfile"]; + } + if(isset($importfile)) { + $_SESSION['importfile'] = $importfile; + + if ($_POST["confirmation"] == "confirm") { + $type=htmlspecialchars($importfile["type"]); + $size=htmlspecialchars($importfile["size"]); + $name=htmlspecialchars($importfile["name"]); + $temp=htmlspecialchars($importfile["tmp_name"]); + if(isset($importfile['filecontent'])) + $ar = $importfile['filecontent']; + else { + if (!is_uploaded_file($temp)) { + IntrusionNotify("file upload problem."); + ForceLoad("../index.php"); + } + if (($ar = file($temp)) === false) { + IntrusionNotify("Unable to open the uploaded file."); + ForceLoad("../index.php"); + } + $ar=implode('',$ar); + $_SESSION['importfile']['filecontent']=$ar; + } + $localsite=0; + if(isset($_POST['localsite']) && is_numeric($_POST['localsite'])) $localsite=$_POST['localsite']; + $acr['CONTESTREC']=array('number'=>-1, + 'name'=>-1, + 'startdate'=>-1, + 'duration'=>-1, + 'lastmileanswer'=>-1, + 'lastmilescore'=>-1, + 'localsite'=>-1, + 'penalty'=>-1, + 'maxfilesize'=>-1, + 'updatetime'=>-1); + if($localsite > 0) + $acr['CONTESTREC']['localsite'] = "" . $localsite; + + $acr['ANSWERREC']=array('number'=>-1, + 'name'=>-1, + 'yes'=>-1, + 'updatetime'=>-1); + $acr['LANGUAGEREC']=array('number'=>-1, + 'name'=>-1, + 'filepath'=>-1, + 'filename'=>-1, + 'comppath'=>-1, + 'compname'=>-1, + 'problemnumber'=>-1, + 'updatetime'=>-1); + $acr['PROBLEMREC']=array('number'=>-1, + 'name'=>-1, + 'fullname'=>-1, + 'basename'=>-1, + 'inputfilename'=>-1, + 'inputfilepath'=>-1, + 'solfilename'=>-1, + 'solfilepath'=>-1, + 'descfilename'=>-1, + 'descfilepath'=>-1, + 'tl'=>-1, + 'colorname'=>-1, + 'color'=>-1, + 'fake'=>-1, + 'updatetime'=>-1); + $acr['SITETIME']=array('site'=>-1, + 'start'=>-1, + 'enddate'=>-1, + 'updatetime'=>-1); + $acr['SITEREC']=array('sitenumber'=>-1, + 'site'=>-1, + 'number'=>-1, + 'sitename'=>-1, + 'siteip'=>-1, + 'siteduration'=>-1, + 'sitelastmileanswer'=>-1, + 'sitelastmilescore'=>-1, + 'sitejudging'=>-1, + 'sitetasking'=>-1, + 'siteautoend'=>-1, + 'siteglobalscore'=>-1, + 'siteactive'=>-1, + 'sitescorelevel'=>-1, + 'sitepermitlogins'=>-1, + 'siteautojudge'=>-1, + 'sitenextuser'=>-1, + 'sitenextclar'=>-1, + 'sitenextrun'=>-1, + 'sitenexttask'=>-1, + 'sitemaxtask'=>-1, + 'sitechiefname'=>-1, + 'updatetime'=>-1); + $acr['USERREC']=array('site'=>-1, + 'user'=>-1, + 'number'=>-1, + 'username'=>-1, + 'updatetime'=>-1, + 'usericpcid'=>-1, + 'userfull'=>-1, + 'userdesc'=>-1, + 'type'=>-1, + 'enabled'=>-1, + 'multilogin'=>-1, + 'userip'=>-1, + 'userlastlogin'=>-1, + 'userlastlogout'=>-1, + 'permitip'=>-1); + + if(strtoupper(substr($ar,0,5)) != '<XML>' && isset($_POST['password']) && strlen($_POST['password'])>20) { + echo "<br>Starting to create the contest<br>"; + $str = strtok($ar," \n\t"); + $str = strtok(" \n\t"); + $ar = decryptData($str,$_POST['password'],'importxml'); + if(strtoupper(substr($ar,0,5)) != '<XML>') { + echo "<br>Error decrypting file. Import aborted.<br>"; + echo "</body></html>"; + exit; + } + } + if(strtoupper(substr($ar,0,5)) == '<XML>') { + echo "<br>File has been loaded.<br>"; +// echo "<pre>\n$ar</pre>\n"; + if(!importFromXML($ar,$acr,0,$localsite)) + echo "<br>Error during updating of the local database.<br>"; + echo "</body></html>"; + exit; + } + else + $id = rawurldecode(strtok($ar," \n\t")); + } + } +} else { + unset($_POST['localsite']); + unset($_SESSION['importfile']); +} +?> +<br> +<br> +<center><b> +To import a pre-defined contest, just fill in the import file field.</b></center> +<br> +<body onload="document.form1.name.focus()"> +<script language="JavaScript" src="../sha256.js"></script> +<script language="JavaScript"> +function computeHASH() +{ + var passHASH; + passHASH = ''; + <?php if(strlen($id) > 0) { ?> + passHASH = js_myhash(js_myhash(document.form1.password.value)+'<?php echo $id; ?>'); + <?php } ?> + document.form1.password.value = passHASH; +} +</script> + +<form name="form1" enctype="multipart/form-data" method="post" action="importxml.php"> + <input type=hidden name="confirmation" value="noconfirm" /> + <center> + <table border="0"> + <tr> + <td width="50%" align=right>Local site number:</td> + <td width="50%"> +<?php + if(isset($_POST["localsite"])) { + echo $_POST['localsite']; + echo "<input type=\"hidden\" name=\"localsite\" size=\"10\" value=\"" .$_POST['localsite']. "\">"; + } else + echo "<input type=\"text\" name=\"localsite\" size=\"10\">"; +?> + </td> + </tr> +<?php + if(isset($_SESSION['importfile'])) { + echo "<tr><td width=\"50%\" align=right>Challenge string:</td><td width=\"50%\">" . $id . "</td></tr>\n"; + } else { +?> + <tr> + <td width="50%" align=right>Import file:</td> + <td width="50%"> + <input type="file" name="importfile" size="40"> + </td> + </tr> +<?php + } + if($id == '') { + echo "<input type=\"hidden\" name=\"password\">"; + } else { +?> + <tr> + <td width="50%" align=right>Encryption key:</td> + <td width="50%"> + <input type="password" name="password"> + </td> + </tr> +<?php + } +?> + </table> + </center> + <script language="javascript"> + function conf() { + if (confirm("Confirm?")) { + computeHASH(); + document.form1.confirmation.value='confirm'; + } + } + </script> + <center> + <input type="submit" name="Submit" value="Import" onClick="conf()"> + <input type="reset" name="Submit2" value="Clear"> + </center> +</form> + +</body> +</html> diff --git a/src/system/index.php b/src/system/index.php new file mode 100644 index 0000000..ec74ce9 --- /dev/null +++ b/src/system/index.php @@ -0,0 +1,22 @@ +<?php +//////////////////////////////////////////////////////////////////////////////// +//BOCA Online Contest Administrator +// Copyright (C) 2003-2012 by BOCA Development Team (bocasystem@gmail.com) +// +// This program is free software: you can redistribute it and/or modify +// it under the terms of the GNU General Public License as published by +// the Free Software Foundation, either version 3 of the License, or +// (at your option) any later version. +// +// This program is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU General Public License for more details. +// You should have received a copy of the GNU General Public License +// along with this program. If not, see <http://www.gnu.org/licenses/>. +//////////////////////////////////////////////////////////////////////////////// +// Last modified 05/aug/2012 by cassio@ime.usp.br +require('header.php'); +?> +</body> +</html> diff --git a/src/system/option.php b/src/system/option.php new file mode 100644 index 0000000..81e5879 --- /dev/null +++ b/src/system/option.php @@ -0,0 +1,21 @@ +<?php +//////////////////////////////////////////////////////////////////////////////// +//BOCA Online Contest Administrator +// Copyright (C) 2003-2012 by BOCA Development Team (bocasystem@gmail.com) +// +// This program is free software: you can redistribute it and/or modify +// it under the terms of the GNU General Public License as published by +// the Free Software Foundation, either version 3 of the License, or +// (at your option) any later version. +// +// This program is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU General Public License for more details. +// You should have received a copy of the GNU General Public License +// along with this program. If not, see <http://www.gnu.org/licenses/>. +//////////////////////////////////////////////////////////////////////////////// +// Last modified 05/aug/2012 by cassio@ime.usp.br +require('header.php'); +require('../optionlower.php'); +?> |